Rogue AP detection

US 9,723,488 B2
Filed: 10/29/2015
Issued: 08/01/2017
Est. Priority Date: 05/09/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first access point, a first signature frame transmitted by a mobility agent of a wireless switch, wherein the signature frame includes a first switch identifier, a first port identifier, and a first virtual local area network (VLAN) identifier, wherein the signature frame further includes wireless switch identification and physical port identification;

preventing transmission of the first signature frame from a wireless interface of the first access point based on a first pattern of data in the first signature frame;

receiving, at the first access point, a second signature frame transmitted via a wireless signal from a second access point; and

reporting, by the first access point, reception of the second signature frame to a wireless controller, wherein the reporting includes reporting, to the wireless controller, an identification of the second access point, and a wireless switch and a physical port the second access point is connected to.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems and computer readable media for rogue access point detection are disclosed. In some implementations, the method can include initiating, at one or more processors of a wireless controller, a rogue access point detection process for a wireless network, and transmitting, from the one or more processors, a signature frame to a mobility agent in a wireless switch. The method can also include receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point. The method can further include reporting reception of the signature frame to the wireless controller, and generating, at the one or more processors, a signal to shut down a port associated with the rogue access point.

Citations

18 Claims

1. A method comprising:
- receiving, at a first access point, a first signature frame transmitted by a mobility agent of a wireless switch, wherein the signature frame includes a first switch identifier, a first port identifier, and a first virtual local area network (VLAN) identifier, wherein the signature frame further includes wireless switch identification and physical port identification;
  
  preventing transmission of the first signature frame from a wireless interface of the first access point based on a first pattern of data in the first signature frame;
  
  receiving, at the first access point, a second signature frame transmitted via a wireless signal from a second access point; and
  
  reporting, by the first access point, reception of the second signature frame to a wireless controller, wherein the reporting includes reporting, to the wireless controller, an identification of the second access point, and a wireless switch and a physical port the second access point is connected to.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - recognizing the first signature frame based on a pattern of data in the first signature frame.
  - 3. The method of claim 2, wherein the pattern of data includes at least one of:
    - the first switch identifier, the first port identifier, and the first VLAN identifier.
  - 4. The method of claim 1, wherein reporting reception of the second signature frame to the wireless controller comprises sending the second signature frame to the wireless controller.
  - 5. The method of claim 1, wherein the second signature frame includes a second switch identifier, a second port identifier, and a second VLAN identifier.
  - 6. The method of claim 5, wherein the second switch identifier is associated with the wireless switch, and wherein the second access point is coupled to the wireless switch via a port associated with the second port identifier.

7. A system comprising one or more processors configured to perform operations comprising:
- receiving, at a first access point, a first signature frame transmitted by a mobility agent of a wireless switch, wherein the signature frame includes a first switch identifier, a first port identifier, and a first virtual local area network (VLAN) identifier, wherein the signature frame further includes wireless switch identification and physical port identification;
  
  preventing transmission of the first signature frame from a wireless interface of the first access point based on a first pattern of data in the first signature frame;
  
  receiving, at the first access point, a second signature frame transmitted via a wireless signal from a second access point; and
  
  reporting, by the first access point, reception of the second signature frame to a wireless controller, wherein the reporting includes reporting, to the wireless controller, an identification of the second access point, and a wireless switch and a physical port the second access point is connected to.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, further configured to perform operations comprising:
    - recognizing the first signature frame based on a pattern of data in the first signature frame.
  - 9. The system of claim 8, wherein the pattern of data includes at least one of:
    - the first switch identifier, the first port identifier, and the first VLAN identifier.
  - 10. The system of claim 7, wherein reporting reception of the second signature frame to the wireless controller comprises sending the second signature frame to the wireless controller.
  - 11. The system of claim 7, wherein the second signature frame includes a second switch identifier, a second port identifier, and a second VLAN identifier.
  - 12. The system of claim 11, wherein the second switch identifier is associated with the wireless switch, and wherein the second access point is coupled to the wireless switch via a port associated with the second port identifier.

13. A nontransitory computer readable medium having stored thereon instructions that, when executed by a processor of a wireless controller, cause the processor to perform operations comprising:
- receiving, at a first access point, a first signature frame transmitted by a mobility agent of a wireless switch, wherein the first signature frame includes a first switch identifier, a first port identifier, and a first (virtual local area network) VLAN identifier, wherein the signature frame further includes wireless switch identification and physical port identification;
  
  preventing transmission of the signature frame from a wireless interface of the first access point based on a first pattern of data in the first signature frame;
  
  receiving, at the first access point, a second signature frame transmitted via a wireless signal from a second access point; and
  
  reporting, by the first access point, reception of the second signature frame to a wireless controller, wherein the reporting includes reporting, to the wireless controller, an identification of the second access point, and a wireless switch and a physical port the second access point is connected to.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The nontransitory computer readable medium of claim 13, with further instructions stored thereon that cause the processor to perform operations comprising:
    - recognizing the first signature frame based on a pattern of data in the first signature frame.
  - 15. The nontransitory computer readable medium of claim 14, wherein the pattern of data includes at least one of:
    - the first switch identifier, the first port identifier, and the first VLAN identifier.
  - 16. The nontransitory computer readable medium of claim 13, wherein reporting reception of the second signature frame to the wireless controller comprises sending the second signature frame to the wireless controller.
  - 17. The nontransitory computer readable medium of claim 13, wherein the second signature frame includes a second switch identifier, a second port identifier, and a second VLAN identifier.
  - 18. The nontransitory computer readable medium of claim 17, wherein the second switch identifier is associated with the wireless switch, and wherein the second access point is coupled to the wireless switch via a port associated with the second port identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Tsai, Ruth, Atreya, Vivek L, Choudhary, Seemant, Ankaiah, Shashi Hosakere
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
Ko, Sithu

Application Number

US14/927,062
Publication Number

US 20160135052A1
Time in Patent Office

642 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/14   for detecting or protecting...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04W 12/122   Counter-measures against at...

H04W 48/18   Selecting a network or a co...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/08   Access point devices

Rogue AP detection

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Rogue AP detection

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links